When safety is out of your hands
29 March 2017 | 0
With cyber security becoming a major drain on customer resources, the path should be clear for channel partners to shift from selling solutions to providing security as a service. But how ready are partners to become managed security service providers (MSSP)? What are the major obstacles to providing a managed security service?
UK technical manager, Integrity360
“Moving from a solution seller to a true MSSP is not a straightforward task,” Ford warns, it is not something “that happens overnight”. It has taken several years to develop at Integrity360, requiring significant investment in all areas of the business “to take us from supporting and managing individual point solutions to providing a full and comprehensive managed security service (MSS), covering the full 360-degree security lifecycle”.
In terms of obstacles and challenges, customers are attracted by MSS because “they recognise the challenges they face to resource an internal security function, requiring skilled and experienced security professionals, providing them with the toolset necessary to run a security operations centre (SOC), and keeping them trained and up to date. MSSPs face the very same challenges,” he adds. Integrity360 has worked hard to ensure it is able to attract the right talent to be successful and meet customer needs as true security experts.
For many organisations, security policies and practices have lagged behind the desire to be connected and have ‘always-on’ access to information on any device, “which has led to high profile and, in many cases, avoidable data breaches”. MSS allow an organisation to instantly add a security capability to their IT operation and start tackling security issues. “I believe more and more organisations will look towards managed security services, if they are not already, but whether this is in the form of specific security toolset management, providing an outsourced SOC capability or a full on-site security service will depend on the customer,” Ford concludes.
Head of cloud assurance, BSI Espion
The rapid introduction of enterprise technologies, cloud computing, Big Data, mobile computing and Internet of Things (IoT), has left organisations with a broadened security attack surface and an increase in overall risks, Bowes observes. The level of vulnerabilities on new platforms which must be mitigated has left security teams with an ever-increasing and changing workload.
At the same time, the incoming General Data Protection Regulation (GDPR) will mean external security threats come with a higher risk than ever before and the cost of cybercrime is also on the rise. “While technologies are better at dealing with previously seen or known threats, addressing increasingly complex and sophisticated unforeseen unknown threats is a growing battle for most organisations,” he says.
With security threats becoming more diverse, a growing number of technology vendors are competing to provide point solutions. “For the in-house security practitioner, this means there are more moving parts to deal with across more management consoles, often requiring the overhead of bespoke integrations. From a skills perspective, it means a broader range of knowledge and experience is necessary to perform the security function.”
But a shortage of security professionals has led to increased security outsourcing and demand for security technologies that reduce manual workload. “Beneath the iceberg,” Bowes claims, “security tasks are increasingly delegated to generalist IT professionals who are often untrained or not ‘well practised’ for the specific security task at hand.”
In worst case scenarios, these tasks “are done sub-optimally or not done at all, in particular where a large list of regulatory controls stated as being implemented on paper are not implemented properly in practice”.
He accepts MSS may not suit every client, nevertheless it can deliver a number of benefits, including breadth of expertise and the ability to access experienced teams of honed and “well-practiced” security professionals. MSS can also improve the likelihood that technologies are deployed and used effectively. Organisations can work closely with MSSPs to design secure, effective, resilient solutions tailored to their specific security and compliance requirements.
Vice president for North West Europe & APAC, Arrow ECS
“Traditionally, security solutions have often been implemented and then forgotten about,” Trolle says. “This is because they’re quite frequently expected to work without any support or maintenance – normally because some businesses don’t have the internal team or resource to keep their security up to date.” But this approach creates “an obvious hole” in many security infrastructures, leaving companies open to attack. “As the threat landscape has evolved over recent years and attacks have become more and more common, it’s never been so important to have an effective solution in place,” he warns.
Most channel organisations are looking to become MSSPs, Trolle states, because it enables them to evolve from offering on-premise security solutions to work across a wider stack of technologies. For example, cloud IaaS has exploded – as infrastructures have moved from physical servers to cloud services – and “there is a misconception that some cloud providers offer a security layer,” he says, “but they won’t protect the infrastructure against attacks – instead it is up to the user.”
Cloud allows the use of services that haven’t been focused on historically – previously companies only had the resources and skills to offer a few areas of the security stack. “They can now package up traditional offerings together and deliver a hybrid approach,” he remarks.
Distributors can help by offering value add with pre-sales and support to assist MSSPs – especially in the early days. MSSPs can also delegate additional backup support to the distributor or vendor. “Using trusted distributors and vendors is critical for any MSSP as there will always be challenges and new threats that require the latest technologies or knowledge,” he adds.